NSX-T Data Center REST API

Associated URIs:

API Description	API Path
IP Reputation feed configuration. API to retrieve the current IP Reputation feed configuration.	GET /policy/api/v1/infra/firewall-ip-reputation-feed GET /policy/api/v1/global-infra/firewall-ip-reputation-feed
IP reputation feed actions. This API can be used to activate or deactivate auto-download of IP reputation feed, it can also be used to trigger download of IP reputation feed when required. Once auto-download is activated, IP reputation feed will be downloaded at regular intervals of 720 mins(12 hrs). Auto-download of IP reputation feed can be activated using the action 'enable_auto_download', to deactivate use action 'disable_auto_download' and to trigger a download use action 'download'. For Global Manager, the only action that is supported is action=download. The enforcement_point_path of the site where the feed is to be downloaded should be provided along with the action	POST /policy/api/v1/infra/firewall-ip-reputation-feed POST /policy/api/v1/global-infra/firewall-ip-reputation-feed
Retrieves the IP reputation exclusion list from the default malicious IP group The API retrieves the list of IP addresses excluded from IP reputation enforcement. The exclusion list is maintained in the default malicious IP group. The behavior varies depending on whether the API is executed on Global Manager (GM) or Local Manager (LM). Execution on Global Manager (GM): - API endpoint: GET https:///global-manager/api/v1/global-infra/ip-reputation-exclusion-list - When the 'enforcement_point_path' parameter is provided, the API returns the exclusion IP list from the default malicious IP group of the specified site (Local Manager) represented by the enforcement point path. - When the 'enforcement_point_path' parameter is not provided, the API returns the exclusion IP list from the Global Manager's default malicious IP group. Execution on Local Manager (LM): - API endpoint: GET https:///policy/api/v1/infra/ip-reputation-exclusion-list - The API returns the exclusion IP list from the Local Manager's default malicious IP group. - The 'enforcement_point_path' parameter is ignored if provided, as the Local Manager maintains only its own enforcement point and exclusion list. Note: - This API only considers IP addresses in the default malicious IP group. IP addresses in user-created malicious IP groups are not included in the response.	GET /policy/api/v1/infra/ip-reputation-exclusion-list
List IP reputation site mappings configured across federated sites The API retrieves the list of IP reputation site mappings that define which sites are enabled for IP reputation management and their auto-download configuration from NTICS (NSX Threat Intelligence Cloud Services). IP Reputation Site Mapping is a Global Manager construct that: - Maps specific Local Manager sites to enable IP reputation functionality - Configures whether each site should automatically download IP reputation feeds from NTICS - Created and managed centrally from the Global Manager Execution on Global Manager (GM): - API endpoint: GET https:///global-manager/api/v1/global-infra/ip-reputation-site-mappings - Returns the list of all IP reputation site mappings configured in the federated deployment - Supports pagination and filtering via request parameters Execution on Local Manager (LM): - API endpoint: GET https:///policy/api/v1/global-infra/ip-reputation-site-mappings - When the Local Manager is onboarded to a Global Manager, this endpoint allows viewing the global IP reputation site mappings that are managed centrally by the GM - This is a read-only view - LM cannot create or modify these mappings - Useful for local administrators to verify IP reputation configuration and understand which sites are enabled for IP reputation management - Only available when the LM is part of a federated NSX deployment	GET /policy/api/v1/global-infra/ip-reputation-site-mappings
Retrieves a specific IP reputation site mapping configuration The API retrieves the configuration details of a specific IP reputation site mapping identified by its mapping ID. IP Reputation Site Mapping defines: - Which site (Local Manager) is enabled for IP reputation management - Whether the site should automatically download IP reputation feeds from NTICS (NSX Threat Intelligence Cloud Services) - The association between a site path and IP reputation configuration Execution on Global Manager (GM): - API endpoint: GET https:///global-manager/api/v1/global-infra/ip-reputation-site-mappings/ - Retrieves the detailed configuration of a specific IP reputation site mapping - The mapping-id typically corresponds to the site name or a descriptive identifier for the site Execution on Local Manager (LM): - API endpoint: GET https:///policy/api/v1/global-infra/ip-reputation-site-mappings/ - When the Local Manager is onboarded to a Global Manager, this endpoint allows viewing the specific IP reputation site mapping configuration that applies to sites in the federated deployment - This is a read-only view - Local Managers cannot modify site mappings - Useful for local administrators to verify their site's IP reputation configuration including: Whether auto-download is enabled for their site Last modification timestamps and ownership information - Only available when the LM is part of a federated NSX deployment	GET /policy/api/v1/global-infra/ip-reputation-site-mappings/{mapping-id}